# 安全组

# 已有安全组
exist_security_group = '{{"AttachSecurityGroupToL3Network-edge{security_num}": {{'\
    '"Type": "ZStack::Action::AttachSecurityGroupToL3Network",'\
    '"Properties": {{'\
        '"securityGroupUuid": "{exiset_security_uuid}",'\
        '"l3NetworkUuid": {{'\
            '"Fn::GetAtt": ['\
                '"vpc.network-{vpc_uuid}",'\
                '"uuid"'\
                ']'\
            '}}'\
        '}},'\
    '"DependsOn": ['\
        '"AddIpRangeByNetworkCidr-{vpc_uuid}"'\
        ']'\
    '}}'\
'}}'


# 新建安全组
security_group_roule = '{{"security.group.rule-{security_group_uuid}-{security_group_num}": {{'\
    '"Type": "ZStack::Resource::SecurityGroupRule",'\
    '"Properties": {{'\
        '"securityGroupUuid": {{'\
            '"Fn::GetAtt": ['\
                '"security.group-{security_group_uuid}",'\
                '"uuid"'\
                ']'\
            '}},'\
        '"rules": ['\
            '{{'\
                '"type": "{type}",'\
                '"protocol": "{protocol}",'\
                '"ipVersion": "{ip_version}",'\
                '"startPort": "{start_port}",'\
                '"endPort": "{end_port}"'\
                '}}'\
            '],'\
        '"remoteSecurityGroupUuids": ['\
            '"{remote_security_group_uuid}"'\
            ']'\
        '}}'\
    '}}'\
'}}'

# 安全组
security_group = '{{"security.group-{security_group_uuid}": {{'\
    '"Type": "ZStack::Resource::SecurityGroup",'\
    '"Properties": {{'\
        '"name": "{security_group_name}"'\
        '}}'\
    '}}'\
'}}'


# 添加安全组到网络    
attach_vm_nic_to_security = '{{"AddVmNicToSecurityGroup-edge{add_vm_nic_edge_num}": {{'\
    '"Type": "ZStack::Action::AddVmNicToSecurityGroup",'\
    '"Properties": {{'\
        '"vmNicUuids": ['\
            '{{'\
                '"Fn::GetAtt": ['\
                    '{{"Fn::Select": [0,'\
                                    '{{'\
                                        '"Fn::GetAtt": ['\
                                            '"vm-{vm_uuid}",'\
                                            '"vmNics"'\
                                            ']'\
                                        '}}'\
                                    ']'\
                     '}},'\
                    '"uuid"'\
                    ']'\
                '}}'\
            '],'\
        '"securityGroupUuid": {{'\
            '"Fn::GetAtt": ['\
                '"security.group-{security_group_uuid}",'\
                '"uuid"'\
                ']'\
            '}}'\
        '}}'\
    '}}'\
'}}'

